BetterDev.Link collects links around the web that aims to help you learn something new. The topics aren't tight to any specific programming languages, technologies or frameworks but attempt to include resources that might help you learn a thing or two from them.
BetterDev Link
Every Monday
Hi all,
Last week, NextJS has a new security vulnerability, CVE-2025-29927 that allow by pass middleware auth checking by setting a header to trick it into thinking this is an internal request and skip the auth middleware check. If you’re hosted on Vercel there is no action to take, but if you run the vercel server in your infra, you should update.
Another one for k8s, if you’re running ingress-nginx, you should update this patch. The attack require the ability to have a pod already running inside K8S network, such as sharing namespace with other users, or exposing admission controller webhook to internet. So if your cluster is dedicated to you, and not doing stuff like host network or expose admission controller service, you can buy sometime for the upgrade.
If you enjoy BetterDev, please spread the word by sharing it with your friends. And if you’d like to support my work, buying me a coffee would be much appreciated.
A classic tale of Linux horror. You’re SSH’d into a machine, you make one wrong move, and suddenly your system is broken. This post walks through how to recover from this self-inflicted nightmare.
RIGHT JOIN is an esoteric feature in the SQL language, and hardly ever seen in the real world, because almost every RIGHT JOIN can just be expressed as an equivalent LEFT JOIN. There is, however, one place in the SQL language where RIGHT JOIN is surprisingly ubiquitous and today we learn about it.
An approachable introduction to the magic of zero-knowledge proofs—how they let you prove something without revealing the details. Perfect for anyone curious about cryptography without diving into hardcore math.
This one’s a bit outside the usual programming realm, but trust me—it’s fascinating. A deep dive into how solar panels actually work, the engineering behind them, and why understanding electricity at this level is surprisingly useful.
Syncing data is one of those things that sounds easy until you try to build it. This post walks through a synchronization engine design that’s both simple and powerful.
A deep dive into how macOS can unintentionally leak sensitive data like passwords, thanks to clipboard behavior and debugging tools. A must-read for anyone who cares about security.
Ever tried putting text over an image and ended up with weird background overlaps? This post explains why that happens and how to fix it. If you do anything with CSS, you’ll want to bookmark this one.
BPF is like a superpower for peeking into Linux. Whether you care about performance monitoring, security, or just love cool system hacks, this is a fantastic read.
A nostalgic yet technical look at how null pointer dereferences have plagued macOS over the years. Great for those who love debugging deep OS issues.
AI-powered recommendations are everywhere, but how do they really work? This post explores how LLMs are changing search and recommendation engines for the better.
If you’re a Rubyist curious about parallelism, this is for you. A practical look at Ruby’s Ractors and how they enable truly parallel execution without locks.
an HTML5 Canvas JavaScript framework that extends the 2d context by enabling canvas interactivity for desktop and mobile applications.
JavaScriptA physics engine in Go that makes simulating motion, collisions, and forces as simple as possible.
GoA blazing-fast plotting library for massive datasets, using modern GPU rendering to keep things smooth.
PythonHow do you handle 32 million concurrent viewers? Ashutosh Agrawal, former Chief Architect at JioCinema, breaks down the tech behind this mind-blowing achievement.
A Model Context Protocol (MCP) server that provides browser automation capabilities using Playwright. This server enables LLMs to interact with web pages through structured accessibility snapshots, bypassing the need for screenshots or visually-tuned models.
Powerful devtools for Ruby on Rails. Inspired by the Laravel Debugbar.
an open source agent that monitors your database, finds root causes of issues, and suggests fixes and improvements. It’s like having a new SRE hire in your team, one with extensive experience in Postgres.
Free Online version of pgFormatter a PostgreSQL SQL syntax beautifier (no line limit here up to 100000 characters). This SQL formatter/beautifier supports keywords from SQL-92, SQL-99, SQL-2003, SQL-2008, SQL-2011 and PostgreSQL specifics keywords. May
A database schema management tool that works like Terraform—diff, apply, and keep your schema in check.
Define your API once in a simple tsp file, then generate OpenAPI, gRPC, client code, and docs automatically.
A fast, memory-safe web server powered by Rust. Similar to Caddy or Nginx but written in Rust.
A lightweight, no-nonsense analytics tool that runs on SQLite—great for privacy-conscious tracking.
A self-hosted authentication system that balances security, flexibility, and ease of integration.
An enterprise-grade SSO and directory sync solution to make authentication for B2B apps easier.
A modern identity provider supporting OAuth2, SAML, LDAP, and SCIM, perfect for self-hosted authentication.
A Firebase/Supabase alternative that runs anywhere—ideal for serverless apps and Next.js projects.
A local tool for serving and managing AI models—run your own LLMs without relying on cloud services.
BetterDev Link
Every Monday